Newsgroups: php.internals
Date: Wed, 2 Feb 2005 10:23:41 -0700
From: Jesse.Binam@simplot.com ("Binam, Jesse")
To: "Rasmus Lerdorf"
Subject: RE: [PHP-DEV] PHP 5.1

I know that my opinion probably means diddly but my %2 is free. ;)

If I am understanding all of this right, if the raw variable contains some shell code like "\x90\x90\x90\xab\xa3\x54\x77" and I do something like

$var = filter(GET,'foo',FILTER_NUMBER);

$var would contain something like " 90 90 90 3 54 77".
That still isn't valid, I filtered it for a number because that's what I am expecting. Valid values would be something like "12345" or "123.456". There are some cases where a filter would be nice. Like for a textarea where a user might insert some HTML,
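
The sanitize-versus-validate distinction raised in this message, as an added example that is not part of the original post. It uses filter_var() from PHP's shipped filter extension rather than the filter(GET,'foo',FILTER_NUMBER) call discussed in the thread; the helper name expect_number() and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example: sanitizing strips characters that do not fit and keeps
// the rest; validating accepts or rejects the value as a whole.
// expect_number() is a hypothetical helper, not part of PHP.

/** Return an int or float for a well-formed number, or null to reject. */
function expect_number(string $raw)
{
    $int = filter_var($raw, FILTER_VALIDATE_INT);
    if ($int !== false) {
        return $int;
    }
    $float = filter_var($raw, FILTER_VALIDATE_FLOAT);
    return $float !== false ? $float : null;
}

// Constructed inputs: the literal text quoted in the message (single
// quotes keep the backslashes as text) and the two values it calls valid.
$samples = [
    '\x90\x90\x90\xab\xa3\x54\x77',
    '12345',
    '123.456',
];

foreach ($samples as $raw) {
    // Sanitizing keeps only digits, '+' and '-', whatever the input was.
    $sanitized = filter_var($raw, FILTER_SANITIZE_NUMBER_INT);
    // Validating returns a typed number or null; nothing is rewritten.
    $validated = expect_number($raw);

    printf(
        "raw=%-32s sanitized=%-16s validated=%s\n",
        var_export($raw, true),
        var_export($sanitized, true),
        var_export($validated, true)
    );
}
```

The sanitized column shows digits salvaged from input that was never a number, and for '123.456' a value whose meaning changed because the decimal point was stripped; the validated column rejects the first input outright and returns typed numbers for the other two.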